diff --git a/.forgejo/issue_template/bug-report.yaml b/.forgejo/issue_template/bug-report.yaml deleted file mode 100644 index 414f4e4..0000000 --- a/.forgejo/issue_template/bug-report.yaml +++ /dev/null @@ -1,84 +0,0 @@ -name: 🐛 Bug Report -description: Found something you weren't expecting? Report it here! -title: "bug: " -labels: ["Kind/Bug"] -body: - - type: markdown - attributes: - value: | - **NOTE: If your issue is a security concern, please email (GPG: `A4676E79`) instead of opening a public issue.** - - type: markdown - attributes: - value: | - - Please speak English, as this is the language all maintainers can speak and write. - - Be as clear and concise as possible. A very verbose report is harder to interpret in a concrete way. - - Be civil, and follow the [Forgejo Code of Conduct](https://codeberg.org/forgejo/code-of-conduct). - - Take a moment to [check that your issue hasn't been reported before](https://code.forgejo.org/forgejo/runner/issues?q=&type=all&labels=19). - - type: dropdown - id: can-reproduce - attributes: - label: Can you reproduce the bug on the Forgejo test instance? - description: | - Please try reproducing your issue at https://dev.next.forgejo.org. - It is running the latest development branch and will confirm the problem is not already fixed. - If you can reproduce it, provide a URL in the description. - options: - - "Yes" - - "No" - validations: - required: true - - type: textarea - id: description - attributes: - label: Description - description: | - Please provide a description of your issue here, with a URL if you were able to reproduce the issue (see above). - validations: - required: true - - type: input - id: forgejo-ver - attributes: - label: Forgejo Version - description: Forgejo version (or commit reference) of your instance - - type: input - id: runner-ver - attributes: - label: Runner Version - description: Runner version (or commit reference) of the runner on your instance - - type: textarea - id: forgejo-run-info - attributes: - label: How are you running Forgejo? - description: | - Please include information on whether you built Forgejo yourself, used one of our downloads, or are using some other package. - Please also tell us how you are running Forgejo, e.g. if it is being run from a container, a command-line, systemd etc. - If you are using a package or systemd tell us what distribution you are using. - validations: - required: true - - type: textarea - id: runner-run-info - attributes: - label: How are you running the Runner? - description: | - Please include information on whether you built the Runner yourself, used one of our downloads, or are using some other package. - Please also tell us how you are running it, e.g. if it is being run from a container, a command-line, systemd etc. - If you are using a package or systemd tell us what distribution you are using. - validations: - required: true - - type: textarea - id: logs - attributes: - label: Logs - description: | - It's really important to provide pertinent logs. You must give us `DEBUG` level logs. - Please read https://forgejo.org/docs/latest/admin/logging-documentation/. - - Please copy and paste your logs here, with any sensitive information (e.g. API keys) removed/hidden. - You can wrap your logs in `
...
` tags so it doesn't take up too much space in the issue. - - type: textarea - id: workflow - attributes: - label: Workflow file - description: | - If the bug occurs in a specific workflow, please provide an example workflow file. - If you have linked to a reproduction repository this won't be necessary. diff --git a/.forgejo/issue_template/feature-request.yaml b/.forgejo/issue_template/feature-request.yaml deleted file mode 100644 index 3daeafd..0000000 --- a/.forgejo/issue_template/feature-request.yaml +++ /dev/null @@ -1,26 +0,0 @@ -name: 💡 Feature Request -description: Got an idea for an improvement to the Forgejo Runner? Suggest it here! -title: "feat: " -labels: ["Kind/Enhancement"] -body: -- type: markdown - attributes: - value: | - - Please speak English, as this is the language all maintainers can speak and write. - - Be as clear and concise as possible. A very verbose request is harder to interpret in a concrete way. - - Be civil, and follow the [Forgejo Code of Conduct](https://codeberg.org/forgejo/code-of-conduct). - - Please make sure you are using the latest release of the runner and take a moment to [check that your feature hasn't already been suggested](https://code.forgejo.org/forgejo/runner/issues?q=&type=all). -- type: textarea - id: needs-benefits - attributes: - label: Needs and benefits - description: As concisely as possible, describe the benefits your feature request will provide or the problems it will try to solve. - validations: - required: true -- type: textarea - id: description - attributes: - label: Feature Description - description: As concisely as possible, describe the feature you would like to see added or the changes you would like to see made to Forgejo. - validations: - required: true diff --git a/.forgejo/workflows/build-release-integration.yml b/.forgejo/workflows/build-release-integration.yml index 79dd00c..7f92218 100644 --- a/.forgejo/workflows/build-release-integration.yml +++ b/.forgejo/workflows/build-release-integration.yml @@ -7,8 +7,6 @@ on: - Dockerfile - .forgejo/workflows/build-release.yml - .forgejo/workflows/build-release-integration.yml - branches-ignore: - - renovate/** # they are build via PR pull_request: paths: - go.mod @@ -18,13 +16,13 @@ on: jobs: release-simulation: - runs-on: lxc-bookworm + runs-on: self-hosted if: github.repository_owner != 'forgejo-integration' && github.repository_owner != 'forgejo-release' steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v3 - id: forgejo - uses: https://code.forgejo.org/actions/setup-forgejo@v2.0.4 + uses: https://code.forgejo.org/actions/setup-forgejo@v1 with: user: root password: admin1234 diff --git a/.forgejo/workflows/build-release.yml b/.forgejo/workflows/build-release.yml index 8bbfd1b..162befb 100644 --- a/.forgejo/workflows/build-release.yml +++ b/.forgejo/workflows/build-release.yml @@ -12,16 +12,15 @@ name: Build release on: push: - tags: - - 'v*' + tags: 'v*' jobs: release: - runs-on: lxc-bookworm + runs-on: self-hosted # root is used for testing, allow it if: secrets.ROLE == 'forgejo-integration' || github.repository_owner == 'root' steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v3 - name: Increase the verbosity when there are no secrets id: verbose diff --git a/.forgejo/workflows/cascade-setup-forgejo.yml b/.forgejo/workflows/cascade-setup-forgejo.yml index d44897a..6d94f01 100644 --- a/.forgejo/workflows/cascade-setup-forgejo.yml +++ b/.forgejo/workflows/cascade-setup-forgejo.yml @@ -8,11 +8,9 @@ on: jobs: cascade: runs-on: docker - container: - image: 'code.forgejo.org/oci/node:20-bookworm' if: vars.CASCADE != 'no' steps: - - uses: https://code.forgejo.org/actions/cascading-pr@v2.2.0 + - uses: actions/cascading-pr@v1 with: origin-url: ${{ env.GITHUB_SERVER_URL }} origin-repo: forgejo/runner diff --git a/.forgejo/workflows/example-docker-compose.yml b/.forgejo/workflows/example-docker-compose.yml index 6e017db..7b31a6d 100644 --- a/.forgejo/workflows/example-docker-compose.yml +++ b/.forgejo/workflows/example-docker-compose.yml @@ -7,8 +7,7 @@ on: jobs: example-docker-compose: - if: github.repository_owner != 'forgejo-integration' && github.repository_owner != 'forgejo-experimental' && github.repository_owner != 'forgejo-release' - runs-on: lxc-bookworm + runs-on: self-hosted steps: - uses: actions/checkout@v4 @@ -18,11 +17,15 @@ jobs: export DEBIAN_FRONTEND=noninteractive apt-get install -qq -y ca-certificates curl gnupg install -m 0755 -d /etc/apt/keyrings - curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg - echo "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null + curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg + echo "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null apt-get update -qq - apt-get install -qq -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin + apt-get install -qq -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin=2.20.2-1~debian.11~bullseye docker version + # + # docker compose is prone to non backward compatible changes, pin it + # + apt-get install -qq -y docker-compose-plugin=2.20.2-1~debian.11~bullseye docker compose version - name: run the example @@ -32,6 +35,7 @@ jobs: secret=$(openssl rand -hex 20) sed -i -e "s/{SHARED_SECRET}/$secret/" compose-forgejo-and-runner.yml cli="docker compose --progress quiet -f compose-forgejo-and-runner.yml" + chown -R 1000:1000 /srv # # Launch Forgejo & the runner # diff --git a/.forgejo/workflows/publish-release.yml b/.forgejo/workflows/publish-release.yml index a8f5f6a..35d8662 100644 --- a/.forgejo/workflows/publish-release.yml +++ b/.forgejo/workflows/publish-release.yml @@ -17,31 +17,26 @@ name: publish on: push: - tags: - - 'v*' + tags: 'v*' jobs: publish: - runs-on: lxc-bookworm + runs-on: self-hosted if: secrets.DOER != '' && secrets.FORGEJO != '' && secrets.TO_OWNER != '' && secrets.FROM_OWNER != '' && secrets.TOKEN != '' steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v3 - name: copy & sign - uses: https://code.forgejo.org/forgejo/forgejo-build-publish/publish@v5.2.1 + uses: https://code.forgejo.org/forgejo/forgejo-build-publish/publish@v1 with: - from-forgejo: ${{ secrets.FORGEJO }} - to-forgejo: ${{ secrets.FORGEJO }} + forgejo: ${{ secrets.FORGEJO }} from-owner: ${{ secrets.FROM_OWNER }} to-owner: ${{ secrets.TO_OWNER }} repo: "runner" - release-notes: "See https://code.forgejo.org/forgejo/runner/src/branch/main/RELEASE-NOTES.md#{ANCHOR}" ref-name: ${{ github.ref_name }} - sha: ${{ github.sha }} container-suffixes: " " - from-token: ${{ secrets.TOKEN }} - to-doer: ${{ secrets.DOER }} - to-token: ${{ secrets.TOKEN }} + doer: ${{ secrets.DOER }} + token: ${{ secrets.TOKEN }} gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }} gpg-passphrase: ${{ secrets.GPG_PASSPHRASE }} verbose: ${{ secrets.VERBOSE }} diff --git a/.forgejo/workflows/test.yml b/.forgejo/workflows/test.yml index f2c3be1..677ab68 100644 --- a/.forgejo/workflows/test.yml +++ b/.forgejo/workflows/test.yml @@ -11,7 +11,7 @@ env: FORGEJO_ADMIN_PASSWORD: 'admin1234' FORGEJO_RUNNER_SECRET: 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA' FORGEJO_SCRIPT: | - /bin/s6-svscan /etc/s6 & sleep 10 ; su -c "forgejo admin user create --admin --username $FORGEJO_ADMIN_USER --password $FORGEJO_ADMIN_PASSWORD --email root@example.com" git && su -c "forgejo forgejo-cli actions register --labels docker --name therunner --secret $FORGEJO_RUNNER_SECRET" git && sleep infinity + /bin/s6-svscan /etc/s6 & sleep 10 ; su -c "forgejo admin user create --admin --username $FORGEJO_ADMIN_USER --password $FORGEJO_ADMIN_PASSWORD --email root@example.com" git && su -c "forgejo forgejo-cli actions register --labels docker --name therunner --secret $FORGEJO_RUNNER_SECRET" git && sleep infinity GOPROXY: https://goproxy.io,direct jobs: @@ -19,12 +19,10 @@ jobs: name: build and test if: github.repository_owner != 'forgejo-integration' && github.repository_owner != 'forgejo-experimental' && github.repository_owner != 'forgejo-release' runs-on: docker - container: - image: 'code.forgejo.org/oci/ci:1' services: forgejo: - image: codeberg.org/forgejo/forgejo:9 + image: codeberg.org/forgejo/forgejo:1.21 env: FORGEJO__security__INSTALL_LOCK: "true" FORGEJO__log__LEVEL: "debug" @@ -38,21 +36,11 @@ jobs: - ${{ env.FORGEJO_SCRIPT }} steps: - - uses: actions/checkout@v4 - - - uses: actions/setup-go@v5 + - uses: actions/setup-go@v3 with: - go-version-file: go.mod + go-version: '1.21' - - name: validate go version - run: | - set -ex - toolchain=$(grep -oP '(?<=toolchain ).+' go.mod) - version=$(go version | cut -d' ' -f3) - if [ "$toolchain" != "$version" ]; then - echo "go version mismatch: $toolchain <> $version" - exit 1 - fi + - uses: actions/checkout@v4 - run: make vet @@ -65,9 +53,9 @@ jobs: - name: check the forgejo server is responding run: | - sleep 10 # matches the sleep 10 in the bootstrap of the Forgejo instance - # in case of a slow machine, give it time to bootstrap - retry --delay=10 --times=6 bash -c 'test $FORGEJO_ADMIN_USER = $(curl -sS http://$FORGEJO_ADMIN_USER:$FORGEJO_ADMIN_PASSWORD@$FORGEJO_HOST_PORT/api/v1/user | jq --raw-output .login)' + apt-get update -qq + apt-get install -y -qq jq curl + test $FORGEJO_ADMIN_USER = $(curl -sS http://$FORGEJO_ADMIN_USER:$FORGEJO_ADMIN_PASSWORD@$FORGEJO_HOST_PORT/api/v1/user | jq --raw-output .login) - run: make FORGEJO_URL=http://$FORGEJO_HOST_PORT test @@ -75,7 +63,7 @@ jobs: needs: [build-and-tests] name: runner exec tests if: github.repository_owner != 'forgejo-integration' && github.repository_owner != 'forgejo-experimental' && github.repository_owner != 'forgejo-release' - runs-on: lxc-bookworm + runs-on: self-hosted steps: diff --git a/.github/workflows/build-release.yml b/.github/workflows/build-release.yml deleted file mode 100644 index 4524591..0000000 --- a/.github/workflows/build-release.yml +++ /dev/null @@ -1,50 +0,0 @@ -# This workflow will build a Windows binary for each architecture and upload it as an artifact. -# If the push is a tag, it will create a release with the binaries attached. -# This build is currently supported on https://github.com/Crown0815/forgejo-runner-windows - -name: Build release - -on: - push: - tags: 'v*' -jobs: - build: - name: Build ${{matrix.architecture}} - runs-on: ubuntu-latest - strategy: - matrix: - architecture: ['386', amd64, arm, arm64] - steps: - - uses: actions/checkout@v4 - - name: Build for ${{matrix.architecture}} - run: | - env GOOS=windows GOARCH=${{matrix.architecture}} \ - go build \ - -ldflags "-s -w -X gitea.com/gitea/act_runner/internal/pkg/ver.version=${{ github.ref_name }}" \ - -o forgejo-runner-windows-${{matrix.architecture}}.exe - - - uses: actions/upload-artifact@v4 - with: - name: forgejo-runner-windows-${{matrix.architecture}} - path: forgejo-runner-windows-${{matrix.architecture}}.exe - - release: - runs-on: ubuntu-latest - needs: build - if: github.event_name == 'push' && github.ref_type == 'tag' - steps: - - uses: actions/download-artifact@v4 - with: - path: . - - - name: Create Release - uses: softprops/action-gh-release@v2 - with: - tag_name: ${{ github.ref_name }} - files: forgejo-runner-windows-*/forgejo-runner-windows-*.exe - draft: false - prerelease: ${{ contains(github.ref, 'beta') || contains(github.ref, 'alpha') }} - token: ${{ secrets.RELEASE_TOKEN }} - fail_on_unmatched_files: true - body: See [original release notes](https://code.forgejo.org/forgejo/runner/releases/tag/${{ github.ref_name }}). - diff --git a/.gitignore b/.gitignore index 57ec96d..3a3808c 100644 --- a/.gitignore +++ b/.gitignore @@ -12,6 +12,3 @@ coverage.txt __debug_bin # gorelease binary folder dist - -# Jetbrains IDE -.idea diff --git a/Dockerfile b/Dockerfile index 6acc805..af507da 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,6 @@ FROM --platform=$BUILDPLATFORM code.forgejo.org/oci/tonistiigi/xx AS xx -FROM --platform=$BUILDPLATFORM code.forgejo.org/oci/golang:1.23-alpine3.20 AS build-env +FROM --platform=$BUILDPLATFORM code.forgejo.org/oci/golang:1.21-alpine3.19 AS build-env # # Transparently cross compile for the target platform @@ -19,7 +19,7 @@ WORKDIR /srv RUN make clean && make build -FROM code.forgejo.org/oci/alpine:3.20 +FROM code.forgejo.org/oci/alpine:3.19 ARG RELEASE_VERSION RUN apk add --no-cache git bash @@ -40,8 +40,10 @@ ENV HOME=/data USER 1000:1000 +COPY --chmod=555 entrypoint.sh /entrypoint.sh + WORKDIR /data VOLUME ["/data"] -CMD ["/bin/forgejo-runner"] +ENTRYPOINT ["/entrypoint.sh"] diff --git a/RELEASE-NOTES.md b/RELEASE-NOTES.md index b28f9ad..c4d9db3 100644 --- a/RELEASE-NOTES.md +++ b/RELEASE-NOTES.md @@ -1,39 +1,7 @@ # Release Notes -## 6.0.0 +## 3.5.2 -* Security: the container options a job is allowed to specify are limited to a [predefined allow list](https://forgejo.org/docs/next/user/actions/#jobsjob_idcontaineroptions). - -## 5.0.4 - -* Define FORGEJO_TOKEN as an alias to GITHUB_TOKEN - -## 5.0.3 - -* [Fixes a regression](https://code.forgejo.org/forgejo/runner/pulls/354) that was introduced in version 5.0.0 by which it was no longer possible to mount the docker socket in each container by specifying `[container].docker_host = ""`. This is now implemented when `[container].docker_host = "automount"` is specified. - -## 5.0.2 - -* Fixes a regression that was introduced in version 5.0.0 by which [skipped jobs were marked as failed instead](https://code.forgejo.org/forgejo/act/pulls/67). The workaround is to change the job log level to debug `[log].job_level: debug`. - -## 5.0.1 - -* Security: the `/opt/hostedtoolcache` directory is now unique to each job instead of being shared to avoid a risk of corruption. It is still advertised in the `RUNNER_TOOL_CACHE` environment variable. Custom container images can be built to pre-populate this directory with frequently used tools and some actions (such as `setup-go`) will benefit from that. - -## 5.0.0 - -* Breaking change: the default configuration for `docker_host` is changed to [not mounting the docker server socket](https://code.forgejo.org/forgejo/runner/pulls/305) even when no configuration file is provided. -* [Add job_level logging option to config](https://code.forgejo.org/forgejo/runner/pulls/299) to make the logging level of jobs configurable. Change default from "trace" to "info". -* [Don't log job output when debug logging is not enabled](https://code.forgejo.org/forgejo/runner/pulls/303). This reduces the default amount of log output of the runner. - -## 4.0.1 - -* Do not panic when [the number of arguments of a function evaluated in an expression is incorect](https://code.forgejo.org/forgejo/act/pulls/59/files). - -## 4.0.0 - -* Breaking change: fix the default configuration for `docker_host` is changed to [not mounting the docker server socket](https://code.forgejo.org/forgejo/runner/pulls/305). -* [Remove debug information from the setup of a workflow](https://code.forgejo.org/forgejo/runner/pulls/297). * Fix [crash in some cases when the YAML structure is not as expected](https://code.forgejo.org/forgejo/runner/issues/267). ## 3.5.1 diff --git a/entrypoint.sh b/entrypoint.sh new file mode 100755 index 0000000..712227e --- /dev/null +++ b/entrypoint.sh @@ -0,0 +1,132 @@ +#!/usr/bin/env bash + +set -e + +# Technically not nessecary but it cleans up the logs from having token/secret values +run_command() { + local cmd="$@" + # Replace any --token or --secret with [REDACTED] + local safe_cmd=$(echo "$cmd" | sed -E 's/--(token|secret) [^ ]+/--\1 [REDACTED]/g') + decho "Running command: $safe_cmd" + eval $cmd +} + +decho() { + if [[ "${DEBUG}" == "true" ]]; then + echo "[entrypoint] $@" + fi +} +decho $PWD + +# Check if the script is running as root +if [[ $(id -u) -eq 0 ]]; then + ISROOT=true + decho "[WARNING] Running as root user" +fi + +# Handle if `command` is passed, as command appends arguments to the entrypoint +if [ "$#" -gt 0 ]; then + run_command $@ + exit +fi + +# Handle and alter the config file +if [[ -z "${CONFIG_FILE}" ]]; then + echo "CONFIG_FILE is not set" + CONFIG_FILE="/data/config.yml" +fi +CONFIG_ARG="--config ${CONFIG_FILE}" +decho "CONFIG: ${CONFIG_ARG}" + +DOCKER_HOST=${DOCKER_HOST:-"tcp://docker:2367"} +DOCKER_CERT_PATH=${DOCKER_CERT_PATH:-"/certs/client"} +DOCKER_TLS_VERIFY=${DOCKER_TLS_VERIFY:-1} +decho "DOCKER_HOST: ${DOCKER_HOST}" +decho "DOCKER_CERT_PATH: ${DOCKER_CERT_PATH}" +decho "DOCKER_TLS_VERIFY: ${DOCKER_TLS_VERIFY}" +if [[ ! -f "${CONFIG_FILE}" ]]; then + echo "Creating ${CONFIG_FILE}" + run_command "forgejo-runner generate-config > ${CONFIG_FILE}" + + # Remove test environment variables if they exist in the config file + sed -i "/^ A_TEST_ENV_NAME_1:/d" ${CONFIG_FILE} + sed -i "/^ A_TEST_ENV_NAME_2:/d" ${CONFIG_FILE} + + # Apply default values for docker + sed -i "/^ labels:/c\ labels: [\"docker:docker://code.forgejo.org/oci/node:20-bookworm\", \"ubuntu-22.04:docker://catthehacker/ubuntu:act-22.04\"]" ${CONFIG_FILE} + sed -i "/^ network:/c\ network: host" ${CONFIG_FILE} + +fi + +ENV_FILE=${ENV_FILE:-"/data/.env"} +decho "ENV_FILE: ${ENV_FILE}" +sed -i "/^ env_file:/c\ env_file: ${ENV_FILE}" ${CONFIG_FILE} + +if [[ ! -f "${ENV_FILE}" ]]; then + echo "Creating ${ENV_FILE}" + touch ${ENV_FILE} + echo "DOCKER_HOST=${DOCKER_HOST}" >> ${ENV_FILE} + echo "DOCKER_TLS_VERIFY=${DOCKER_TLS_VERIFY}" >> ${ENV_FILE} + echo "DOCKER_CERT_PATH=${DOCKER_CERT_PATH}" >> ${ENV_FILE} +fi + +EXTRA_ARGS="" +if [[ ! -z "${RUNNER_LABELS}" ]]; then + EXTRA_ARGS="${EXTRA_ARGS} --labels ${RUNNER_LABELS}" +fi +decho "EXTRA_ARGS: ${EXTRA_ARGS}" + +# Set the runner file +RUNNER_FILE=${RUNNER_FILE:-"runner.json"} # use json so editors know how to highlight +decho "RUNNER_FILE: ${RUNNER_FILE}" +sed -i "/^ file:/c\ file: ${RUNNER_FILE}" ${CONFIG_FILE} + +if [[ "${SKIP_WAIT}" != "true" ]]; then + echo "Waiting 10s to allow other services to start up..." + sleep 10 +fi + +if [[ ! -s "${RUNNER_FILE}" ]]; then + touch ${RUNNER_FILE} + try=$((try + 1)) + success=0 + decho "try: ${try}, success: ${success}" + + # The point of this loop is to make it simple, when running both forgejo-runner and gitea in docker, + # for the forgejo-runner to wait a moment for gitea to become available before erroring out. Within + # the context of a single docker-compose, something similar could be done via healthchecks, but + # this is more flexible. + while [[ $success -eq 0 ]] && [[ $try -lt ${MAX_REG_ATTEMPTS:-10} ]]; do + if [[ ! -z "${FORGEJO_SECRET}" ]]; then + run_command forgejo-runner create-runner-file --connect \ + --instance "${FORGEJO_URL:-http://forgejo:3000}" \ + --name "${RUNNER_NAME:-$(hostname)}" \ + --secret "${FORGEJO_SECRET}" \ + ${CONFIG_ARG}\ + ${EXTRA_ARGS} 2>&1 | tee /tmp/reg.log + else + run_command forgejo-runner register \ + --instance "${FORGEJO_URL:-http://forgejo:3000}" \ + --name "${RUNNER_NAME:-$(hostname)}" \ + --token "${RUNNER_TOKEN}" \ + --no-interactive \ + ${CONFIG_ARG}\ + ${EXTRA_ARGS} 2>&1 | tee /tmp/reg.log + fi + cat /tmp/reg.log | grep -E 'connection successful|registered successfully' >/dev/null + if [[ $? -eq 0 ]]; then + echo "SUCCESS" + success=1 + else + echo "Waiting to retry ..." + sleep 5 + fi + decho "try: ${try}, success: ${success}" + done +fi + +# Prevent reading the token from the forgejo-runner process +unset RUNNER_TOKEN +unset FORGEJO_SECRET + +run_command forgejo-runner daemon ${CONFIG_ARG} diff --git a/examples/docker-compose/.gitignore b/examples/docker-compose/.gitignore new file mode 100644 index 0000000..94bf3ec --- /dev/null +++ b/examples/docker-compose/.gitignore @@ -0,0 +1 @@ +srv diff --git a/examples/docker-compose/compose-forgejo-and-runner.yml b/examples/docker-compose/compose-forgejo-and-runner.yml index 4794985..6431893 100644 --- a/examples/docker-compose/compose-forgejo-and-runner.yml +++ b/examples/docker-compose/compose-forgejo-and-runner.yml @@ -11,83 +11,82 @@ # NOTE: a token obtained from the Forgejo web interface cannot be used # as a shared secret. # -# Replace {ROOT_PASSWORD} with a secure password +# Replace ${RUNNER_TOKEN} with the token obtained from the Forgejo web interface. # +# Replace ROOT_PASSWORD with a secure password. +# +networks: + forgejo: volumes: docker_certs: services: - docker-in-docker: image: code.forgejo.org/oci/docker:dind - hostname: docker # Must set hostname as TLS certificates are only valid for docker or localhost + hostname: docker # Must set hostname for both internal DNS and TLS to work as certs are only valid for docker and localhost + restart: unless-stopped privileged: true + networks: + - forgejo environment: - DOCKER_TLS_CERTDIR: /certs - DOCKER_HOST: docker-in-docker + DOCKER_TLS_CERTDIR: "/certs" # set to "" to disable the use of TLS, also manually update existing runner configs to use port 2375 + DOCKER_HOST: "docker" # remove aswell to disable TLS volumes: - docker_certs:/certs forgejo: image: codeberg.org/forgejo/forgejo:1.21 - command: >- - bash -c ' - /bin/s6-svscan /etc/s6 & - sleep 10 ; - su -c "forgejo forgejo-cli actions register --secret {SHARED_SECRET}" git ; - su -c "forgejo admin user create --admin --username root --password {ROOT_PASSWORD} --email root@example.com" git ; - sleep infinity - ' - environment: - FORGEJO__security__INSTALL_LOCK: "true" - FORGEJO__log__LEVEL: "debug" - FORGEJO__repository__ENABLE_PUSH_CREATE_USER: "true" - FORGEJO__repository__DEFAULT_PUSH_CREATE_PRIVATE: "false" - FORGEJO__repository__DEFAULT_REPO_UNITS: "repo.code,repo.actions" + hostname: forgejo + networks: + - forgejo volumes: - /srv/forgejo-data:/data ports: - 8080:3000 - - runner-register: - image: code.forgejo.org/forgejo/runner:3.4.1 - links: - - docker-in-docker - - forgejo environment: - DOCKER_HOST: tcp://docker-in-docker:2376 - volumes: - - /srv/runner-data:/data - user: 0:0 + FORGEJO__security__INSTALL_LOCK: "true" # remove in production command: >- - bash -ec ' - while : ; do - forgejo-runner create-runner-file --connect --instance http://forgejo:3000 --name runner --secret {SHARED_SECRET} && break ; - sleep 1 ; - done ; - sed -i -e "s|\"labels\": null|\"labels\": [\"docker:docker://code.forgejo.org/oci/node:20-bookworm\", \"ubuntu-22.04:docker://catthehacker/ubuntu:act-22.04\"]|" .runner ; - forgejo-runner generate-config > config.yml ; - sed -i -e "s|network: .*|network: host|" config.yml ; - sed -i -e "s|^ envs:$$| envs:\n DOCKER_HOST: tcp://docker:2376\n DOCKER_TLS_VERIFY: 1\n DOCKER_CERT_PATH: /certs/client|" config.yml ; - sed -i -e "s|^ options:| options: -v /certs/client:/certs/client|" config.yml ; - sed -i -e "s| valid_volumes: \[\]$$| valid_volumes:\n - /certs/client|" config.yml ; - chown -R 1000:1000 /data + bash -c ' + /bin/s6-svscan /etc/s6 & + sleep 10 ; + su -c "forgejo admin user create --admin --username root --password ROOT_PASSWORD --email root@example.com" git ; + su -c "forgejo forgejo-cli actions register --secret {SHARED_SECRET}" git ; + sleep infinity ' + # all values that have defaults listed are optional + # only FORGEJO_SECRET or RUNNER_TOKEN is required, the secret will be prioritized + # FORGEJO_URL is required if forgejo is not in this compose file or docker network runner-daemon: - image: code.forgejo.org/forgejo/runner:3.4.1 - links: - - docker-in-docker - - forgejo - environment: - DOCKER_HOST: tcp://docker:2376 - DOCKER_CERT_PATH: /certs/client - DOCKER_TLS_VERIFY: "1" + ## TODO: Update image to the the release + ## made from this PR: https://code.forgejo.org/forgejo/runner/pulls/283 + + # image: code.forgejo.org/forgejo/runner:3.4.1 + build: ../../ + user: "1000" # defaults to 1000, + restart: unless-stopped # needed for fixing file ownership on restart volumes: - /srv/runner-data:/data - docker_certs:/certs - command: >- - bash -c ' - while : ; do test -w .runner && forgejo-runner --config config.yml daemon ; sleep 1 ; done - ' + networks: + - forgejo + depends_on: + - docker-in-docker + - forgejo + environment: + CONFIG_FILE: config.yml # defaults to /data/config.yml + + DOCKER_HOST: "tcp://docker:2376" # defaults to tcp://docker:2376 + DOCKER_CERT_PATH: "/certs/client" # defaults to /certs/client + DOCKER_TLS_VERIFY: "1" # defaults to 1 + + FORGEJO_URL: ${FORGEJO_URL} # defaults to http://forgejo:3000 + FORGEJO_SECRET: "{SHARED_SECRET}" # shared secret, must match Forgejo's, overrides RUNNER_TOKEN + + RUNNER_FILE: .runner # defaults to /data/runner.json + RUNNER_NAME: runner-daemon # defaults to forgejo-runner, used for registration + RUNNER_TOKEN: ${RUNNER_TOKEN} # token obtained from Forgejo web interface + + DEBUG: "true" # defaults to false, set to true to enable debug logging + SKIP_WAIT: "false" # defaults to false, set to true to skip the 10 second wait to allow for forgejo and docker-in-docker to start diff --git a/go.mod b/go.mod index 6ec34f0..07622ad 100644 --- a/go.mod +++ b/go.mod @@ -1,25 +1,25 @@ module gitea.com/gitea/act_runner -go 1.23 +go 1.21.13 -toolchain go1.23.4 +toolchain go1.23.1 require ( code.gitea.io/actions-proto-go v0.4.0 code.gitea.io/gitea-vet v0.2.3 connectrpc.com/connect v1.17.0 github.com/avast/retry-go/v4 v4.6.0 - github.com/docker/docker v25.0.7+incompatible + github.com/docker/docker v25.0.6+incompatible github.com/google/uuid v1.6.0 github.com/joho/godotenv v1.5.1 github.com/mattn/go-isatty v0.0.20 github.com/nektos/act v0.2.49 github.com/sirupsen/logrus v1.9.3 github.com/spf13/cobra v1.8.1 - github.com/stretchr/testify v1.10.0 - golang.org/x/term v0.26.0 - golang.org/x/time v0.8.0 - google.golang.org/protobuf v1.36.1 + github.com/stretchr/testify v1.9.0 + golang.org/x/term v0.24.0 + golang.org/x/time v0.6.0 + google.golang.org/protobuf v1.34.2 gopkg.in/yaml.v3 v3.0.1 gotest.tools/v3 v3.5.1 ) @@ -96,10 +96,10 @@ require ( golang.org/x/mod v0.13.0 // indirect golang.org/x/net v0.23.0 // indirect golang.org/x/sync v0.6.0 // indirect - golang.org/x/sys v0.27.0 // indirect + golang.org/x/sys v0.25.0 // indirect golang.org/x/tools v0.14.0 // indirect gopkg.in/warnings.v0 v0.1.2 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect ) -replace github.com/nektos/act => code.forgejo.org/forgejo/act v1.22.2 +replace github.com/nektos/act => code.forgejo.org/forgejo/act v1.21.3 diff --git a/go.sum b/go.sum index 0a3fea8..498a542 100644 --- a/go.sum +++ b/go.sum @@ -1,5 +1,5 @@ -code.forgejo.org/forgejo/act v1.22.2 h1:gcHugOaLCtZvLnw070MiCjwVLKoSTVomd8waGsYQHKg= -code.forgejo.org/forgejo/act v1.22.2/go.mod h1:+PcvJ9iv+NTFeJSh79ra9Jbk9l0vvyA9D9me5/dbxYM= +code.forgejo.org/forgejo/act v1.21.3 h1:EeJbrz0aar2QhIcBlOW5gjK1rjrQxcAvQSPpG/R1h5w= +code.forgejo.org/forgejo/act v1.21.3/go.mod h1:+PcvJ9iv+NTFeJSh79ra9Jbk9l0vvyA9D9me5/dbxYM= code.gitea.io/actions-proto-go v0.4.0 h1:OsPBPhodXuQnsspG1sQ4eRE1PeoZyofd7+i73zCwnsU= code.gitea.io/actions-proto-go v0.4.0/go.mod h1:mn7Wkqz6JbnTOHQpot3yDeHx+O5C9EGhMEE+htvHBas= code.gitea.io/gitea-vet v0.2.3 h1:gdFmm6WOTM65rE8FUBTRzeQZYzXePKSSB1+r574hWwI= @@ -51,8 +51,8 @@ github.com/docker/cli v25.0.3+incompatible h1:KLeNs7zws74oFuVhgZQ5ONGZiXUUdgsdy6 github.com/docker/cli v25.0.3+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= github.com/docker/distribution v2.8.3+incompatible h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk= github.com/docker/distribution v2.8.3+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= -github.com/docker/docker v25.0.7+incompatible h1:PQhcun5/OF7p0mZlDu3ud9APyyJi01R6/7hrBymWhhQ= -github.com/docker/docker v25.0.7+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= +github.com/docker/docker v25.0.6+incompatible h1:5cPwbwriIcsua2REJe8HqQV+6WlWc1byg2QSXzBxBGg= +github.com/docker/docker v25.0.6+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/docker-credential-helpers v0.8.0 h1:YQFtbBQb4VrpoPxhFuzEBPQ9E16qz5SpHLS+uswaCp8= github.com/docker/docker-credential-helpers v0.8.0/go.mod h1:UGFXcuoQ5TxPiB54nHOZ32AWRqQdECoh/Mg0AlEYb40= github.com/docker/go-connections v0.5.0 h1:USnMq7hx7gwdVZq1L49hLXaFtUdTADjXGp+uj1Br63c= @@ -186,8 +186,8 @@ github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXf github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= -github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= +github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= +github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/timshannon/bolthold v0.0.0-20210913165410-232392fc8a6a h1:oIi7H/bwFUYKYhzKbHc+3MvHRWqhQwXVB4LweLMiVy0= github.com/timshannon/bolthold v0.0.0-20210913165410-232392fc8a6a/go.mod h1:iSvujNDmpZ6eQX+bg/0X3lF7LEmZ8N77g2a/J/+Zt2U= github.com/xanzy/ssh-agent v0.3.3 h1:+/15pJfg/RsTxqYcX6fHqOXZwwMP+2VyYWJeWM2qQFM= @@ -274,15 +274,15 @@ golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.27.0 h1:wBqf8DvsY9Y/2P8gAfPDEYNuS30J4lPHJxXSb/nJZ+s= -golang.org/x/sys v0.27.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.25.0 h1:r+8e+loiHxRqhXVl6ML1nO3l1+oFoWbnlu2Ehimmi34= +golang.org/x/sys v0.25.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U= -golang.org/x/term v0.26.0 h1:WEQa6V3Gja/BhNxg540hBip/kkaYtRg3cxg4oXSw4AU= -golang.org/x/term v0.26.0/go.mod h1:Si5m1o57C5nBNQo5z1iq+XDijt21BDBDp2bK0QI8e3E= +golang.org/x/term v0.24.0 h1:Mh5cbb+Zk2hqqXNO7S1iTjEphVL+jb8ZWaqh/g+JWkM= +golang.org/x/term v0.24.0/go.mod h1:lOBK/LVxemqiMij05LGJ0tzNr8xlmwBRJ81PX6wVLH8= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= @@ -292,8 +292,8 @@ golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -golang.org/x/time v0.8.0 h1:9i3RxcPv3PZnitoVGMPDKZSq1xW1gK1Xy3ArNOGZfEg= -golang.org/x/time v0.8.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= +golang.org/x/time v0.6.0 h1:eTDhh4ZXt5Qf0augr54TN6suAUudPcawVZeIAPU7D4U= +golang.org/x/time v0.6.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20200325010219-a49f79bcc224/go.mod h1:Sl4aGygMT6LrqrWclx+PTx3U+LnKx/seiNR+3G19Ar8= @@ -314,8 +314,8 @@ google.golang.org/genproto/googleapis/rpc v0.0.0-20231016165738-49dd2c1f3d0b h1: google.golang.org/genproto/googleapis/rpc v0.0.0-20231016165738-49dd2c1f3d0b/go.mod h1:swOH3j0KzcDDgGUWr+SNpyTen5YrXjS3eyPzFYKc6lc= google.golang.org/grpc v1.59.0 h1:Z5Iec2pjwb+LEOqzpB2MR12/eKFhDPhuqW91O+4bwUk= google.golang.org/grpc v1.59.0/go.mod h1:aUPDwccQo6OTjy7Hct4AfBPD1GptF4fyUjIkQ9YtF98= -google.golang.org/protobuf v1.36.1 h1:yBPeRvTftaleIgM3PZ/WBIZ7XM/eEYAaEyCwvyjq/gk= -google.golang.org/protobuf v1.36.1/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= +google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg= +google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= diff --git a/internal/app/cmd/daemon.go b/internal/app/cmd/daemon.go index a02f36d..a613546 100644 --- a/internal/app/cmd/daemon.go +++ b/internal/app/cmd/daemon.go @@ -73,8 +73,11 @@ func runDaemon(ctx context.Context, configFile *string) func(cmd *cobra.Command, if err := envcheck.CheckIfDockerRunning(ctx, dockerSocketPath); err != nil { return err } + // if dockerSocketPath passes the check, override DOCKER_HOST with dockerSocketPath os.Setenv("DOCKER_HOST", dockerSocketPath) - if cfg.Container.DockerHost == "automount" { + // empty cfg.Container.DockerHost means act_runner need to find an available docker host automatically + // and assign the path to cfg.Container.DockerHost + if cfg.Container.DockerHost == "" { cfg.Container.DockerHost = dockerSocketPath } // check the scheme, if the scheme is not npipe or unix @@ -183,7 +186,7 @@ var commonSocketPaths = []string{ func getDockerSocketPath(configDockerHost string) (string, error) { // a `-` means don't mount the docker socket to job containers - if configDockerHost != "automount" && configDockerHost != "-" { + if configDockerHost != "" && configDockerHost != "-" { return configDockerHost, nil } diff --git a/internal/app/cmd/exec.go b/internal/app/cmd/exec.go index ea1718b..3e111fe 100644 --- a/internal/app/cmd/exec.go +++ b/internal/app/cmd/exec.go @@ -418,9 +418,7 @@ func runExec(ctx context.Context, execArgs *executeArgs) func(cmd *cobra.Command config.Env["ACT_EXEC"] = "true" - if t := config.Secrets["FORGEJO_TOKEN"]; t != "" { - config.Token = t - } else if t := config.Secrets["GITEA_TOKEN"]; t != "" { + if t := config.Secrets["GITEA_TOKEN"]; t != "" { config.Token = t } else if t := config.Secrets["GITHUB_TOKEN"]; t != "" { config.Token = t diff --git a/internal/app/run/logging.go b/internal/app/run/logging.go deleted file mode 100644 index d0e6d1c..0000000 --- a/internal/app/run/logging.go +++ /dev/null @@ -1,24 +0,0 @@ -// Copyright 2024 The Gitea Authors. All rights reserved. -// SPDX-License-Identifier: MIT - -package run - -import ( - "io" - - log "github.com/sirupsen/logrus" -) - -// NullLogger is used to create a new JobLogger to discard logs. This -// will prevent these logs from being logged to the stdout, but -// forward them to the Reporter via its hook. -type NullLogger struct{} - -// WithJobLogger creates a new logrus.Logger that will discard all logs. -func (n NullLogger) WithJobLogger() *log.Logger { - logger := log.New() - logger.SetOutput(io.Discard) - logger.SetLevel(log.TraceLevel) - - return logger -} diff --git a/internal/app/run/runner.go b/internal/app/run/runner.go index 5f03638..e8654b6 100644 --- a/internal/app/run/runner.go +++ b/internal/app/run/runner.go @@ -168,9 +168,7 @@ func (r *Runner) run(ctx context.Context, task *runnerv1.Task, reporter *report. RepositoryOwner: taskContext["repository_owner"].GetStringValue(), RetentionDays: taskContext["retention_days"].GetStringValue(), } - if t := task.Secrets["FORGEJO_TOKEN"]; t != "" { - preset.Token = t - } else if t := task.Secrets["GITEA_TOKEN"]; t != "" { + if t := task.Secrets["GITEA_TOKEN"]; t != "" { preset.Token = t } else if t := task.Secrets["GITHUB_TOKEN"]; t != "" { preset.Token = t @@ -219,7 +217,7 @@ func (r *Runner) run(ctx context.Context, task *runnerv1.Task, reporter *report. NoSkipCheckout: true, PresetGitHubContext: preset, EventJSON: string(eventJSON), - ContainerNamePrefix: fmt.Sprintf("FORGEJO-ACTIONS-TASK-%d", task.Id), + ContainerNamePrefix: fmt.Sprintf("GITEA-ACTIONS-TASK-%d", task.Id), ContainerMaxLifetime: maxLifetime, ContainerNetworkMode: container.NetworkMode(r.cfg.Container.Network), ContainerNetworkEnableIPv6: r.cfg.Container.EnableIPv6, @@ -234,15 +232,6 @@ func (r *Runner) run(ctx context.Context, task *runnerv1.Task, reporter *report. Inputs: inputs, } - if r.cfg.Log.JobLevel != "" { - level, err := log.ParseLevel(r.cfg.Log.JobLevel) - if err != nil { - return err - } - - runnerConfig.JobLoggerLevel = &level - } - rr, err := runner.New(runnerConfig) if err != nil { return err @@ -254,10 +243,6 @@ func (r *Runner) run(ctx context.Context, task *runnerv1.Task, reporter *report. // add logger recorders ctx = common.WithLoggerHook(ctx, reporter) - if !log.IsLevelEnabled(log.DebugLevel) { - ctx = runner.WithJobLoggerFactory(ctx, NullLogger{}) - } - execErr := executor(ctx) reporter.SetOutputs(job.Outputs) return execErr diff --git a/internal/pkg/config/config.example.yaml b/internal/pkg/config/config.example.yaml index dbdf46e..32dfb68 100644 --- a/internal/pkg/config/config.example.yaml +++ b/internal/pkg/config/config.example.yaml @@ -1,13 +1,11 @@ # Example configuration file, it's safe to copy this as the default config file without any modification. # You don't have to copy this file to your instance, -# just run `forgejo-runner generate-config > config.yaml` to generate a config file. +# just run `./act_runner generate-config > config.yaml` to generate a config file. log: # The level of logging, can be trace, debug, info, warn, error, fatal level: info - # The level of logging for jobs, can be trace, debug, info, earn, error, fatal - job_level: info runner: # Where to store the registration result. @@ -42,7 +40,7 @@ runner: # The labels of a runner are used to determine which jobs the runner can run, and how to run them. # Like: ["macos-arm64:host", "ubuntu-latest:docker://node:20-bookworm", "ubuntu-22.04:docker://node:20-bookworm"] # If it's empty when registering, it will ask for inputting labels. - # If it's empty when executing the `daemon`, it will use labels in the `.runner` file. + # If it's empty when execute `deamon`, will use labels in `.runner` file. labels: [] cache: @@ -59,8 +57,8 @@ cache: # 0 means to use a random available port. port: 0 # The external cache server URL. Valid only when enable is true. - # If it's specified, it will be used to set the ACTIONS_CACHE_URL environment variable. The URL should generally end with "/". - # Otherwise it will be set to the the URL of the internal cache server. + # If it's specified, act_runner will use this URL as the ACTIONS_CACHE_URL rather than start a server by itself. + # The URL should generally end with "/". external_server: "" container: @@ -89,10 +87,10 @@ container: # - '**' valid_volumes: [] # overrides the docker client host with the specified one. - # If "-" or "", an available docker host will automatically be found. - # If "automount", an available docker host will automatically be found and mounted in the job container (e.g. /var/run/docker.sock). - # Otherwise the specified docker host will be used and an error will be returned if it doesn't work. - docker_host: "-" + # If it's empty, act_runner will find an available docker host automatically. + # If it's "-", act_runner will find an available docker host automatically, but the docker host won't be mounted to the job containers and service containers. + # If it's not empty or "-", the specified docker host will be used. An error will be returned if it doesn't work. + docker_host: "" # Pull docker image(s) even if already present force_pull: false diff --git a/internal/pkg/config/config.go b/internal/pkg/config/config.go index 60be651..a1536b3 100644 --- a/internal/pkg/config/config.go +++ b/internal/pkg/config/config.go @@ -16,8 +16,7 @@ import ( // Log represents the configuration for logging. type Log struct { - Level string `yaml:"level"` // Level indicates the logging level. - JobLevel string `yaml:"job_level"` // JobLevel indicates the job logging level. + Level string `yaml:"level"` // Level indicates the logging level. } // Runner represents the configuration for the runner. @@ -114,9 +113,6 @@ func LoadDefault(file string) (*Config, error) { if cfg.Log.Level == "" { cfg.Log.Level = "info" } - if cfg.Log.JobLevel == "" { - cfg.Log.JobLevel = "info" - } if cfg.Runner.File == "" { cfg.Runner.File = ".runner" } @@ -153,10 +149,6 @@ func LoadDefault(file string) (*Config, error) { cfg.Runner.ReportInterval = time.Second } - if cfg.Container.DockerHost == "" { - cfg.Container.DockerHost = "-" - } - // although `container.network_mode` will be deprecated, but we have to be compatible with it for now. if cfg.Container.NetworkMode != "" && cfg.Container.Network == "" { log.Warn("You are trying to use deprecated configuration item of `container.network_mode`, please use `container.network` instead.") diff --git a/internal/pkg/config/config_test.go b/internal/pkg/config/config_test.go index 2f046c0..d2ddf2f 100644 --- a/internal/pkg/config/config_test.go +++ b/internal/pkg/config/config_test.go @@ -35,11 +35,3 @@ func TestConfigTune(t *testing.T) { assert.EqualValues(t, 2*time.Second, c.Runner.FetchInterval) }) } - -func TestDefaultSettings(t *testing.T) { - config, err := LoadDefault("") - assert.NoError(t, err) - - assert.EqualValues(t, config.Container.DockerHost, "-") - assert.EqualValues(t, config.Log.JobLevel, "info") -} diff --git a/internal/pkg/envcheck/docker.go b/internal/pkg/envcheck/docker.go index cb9c901..f115bc7 100644 --- a/internal/pkg/envcheck/docker.go +++ b/internal/pkg/envcheck/docker.go @@ -13,7 +13,10 @@ import ( func CheckIfDockerRunning(ctx context.Context, configDockerHost string) error { opts := []client.Opt{ client.FromEnv, - client.WithHost(configDockerHost), + } + + if configDockerHost != "" { + opts = append(opts, client.WithHost(configDockerHost)) } cli, err := client.NewClientWithOpts(opts...) diff --git a/renovate.json b/renovate.json index 75f587d..31da118 100644 --- a/renovate.json +++ b/renovate.json @@ -1,7 +1,6 @@ { "$schema": "https://docs.renovatebot.com/renovate-schema.json", "extends": ["local>forgejo/renovate-config"], - "prConcurrentLimit": 1, "packageRules": [ { "description": "Disable nektos/act, it's replaced",